class SessionsController < ApplicationController
  
  # skip_before_filter :authorize
  
  def new
  end
  
  def new_admin
  end

  def create
    if @user_logged = User.authenticate(params[:name], params[:password])
         @user_logged_name = @user_logged.name
         p  @user_logged_name.to_s+'!!!!!!!!!!!!!!'
         session[:user_id] = @user_logged.id
         session[:user_name] = @user_logged.name
         redirect_to store_url,:notice => "欢迎您，#{@user_logged.name}"
       else
         redirect_to login_url, :alert => "无效的用户名/密码组合"
       end
  end

  def create_admin
    if @admin_logged = Admin.authenticate(params[:name], params[:password])
         @admin_logged_name = @admin_logged.name
         # p  @admin_logged_name.to_s+'!!!!!!!!!!!!!!'
         session[:admin_id] = @admin_logged.id
         p session[:admin_id].to_s+'!!!!!!!!!!!!'
         redirect_to home_url,:notice => "欢迎您，管理员#{@admin_logged.name}"
       else
         redirect_to login_admin_path, :alert => "无效的用户名/密码组合"
       end
  end


  def destroy
    session[:user_id] = nil
    redirect_to store_url, :notice => "已注销"
  end
  
  def destroy_admin
    session[:admin_id] = nil
    redirect_to home_url, :notice => "管理员已注销"
  end
end
